Nearly 4 months ago, a white hat hacker announced a blind SQL injection vulnerability in the QIWI( a popular publicly traded Russian payment service provider) API interface that allows an attacker to do arbitrary code execution on the servers. A blind SQL injection vulnerability is a vulnerability that allows an attacker to make request to the end database server that a person is not allowed to do . The company took around 4 months to patch this vulnerability and awarded an amount of $5,500 to the bug bounty hunter on hackerone. Qiwi is most widely used in Russia, Ukraine, Kazakhstan, Moldova, Belarus, Romania, the United States, and the United Arab…
Debugging Myths About CyberSpace!